Commitment issues in delegation process

Authors:
Quan Pham;Jason Reid;Adrian McCullagh;Ed Dawson
Affiliations:
Queensland University of Technology, Brisbane, QLD, Australia;Queensland University of Technology, Brisbane, QLD, Australia;Queensland University of Technology, Brisbane, QLD, Australia;Queensland University of Technology, Brisbane, QLD, Australia
Venue:
AISC '08 Proceedings of the sixth Australasian conference on Information security - Volume 81
Year:
2008

Citing 26
Cited 2

Access control for collaborative environments

Access control for collaborative environments
Role activation hierarchies

RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Role delegation in role-based access control

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A rule-based framework for role based delegation

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A role-based delegation framework for healthcare information systems

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
PBDM: a flexible delegation model in RBAC

Proceedings of the eighth ACM symposium on Access control models and technologies
Framework for role-based delegation models

ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
A rule-based framework for role-based delegation and revocation

ACM Transactions on Information and System Security (TISSEC)
On permissions, inheritance and role hierarchies

Proceedings of the 10th ACM conference on Computer and communications security
Role-based cascaded delegation

Proceedings of the ninth ACM symposium on Access control models and technologies
Role-Based Delegation Model/ Hierarchical Roles (RBDM1)

ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Access control in collaborative systems

ACM Computing Surveys (CSUR)
Supporting conditional delegation in secure workflow management systems

Proceedings of the tenth ACM symposium on Access control models and technologies
A fine-grained, controllable, user-to-user delegation method in RBAC

Proceedings of the tenth ACM symposium on Access control models and technologies
Delegatable Access Control for Fine-Grained XML

ICPADS '05 Proceedings of the 11th International Conference on Parallel and Distributed Systems - Workshops - Volume 02
Extending the Security Assertion Markup Language to Support Delegation for Web Services and Grid Services

ICWS '05 Proceedings of the IEEE International Conference on Web Services
Federated identity management for protecting users from ID theft

Proceedings of the 2005 workshop on Digital identity management
A delegation framework for federated identity management

Proceedings of the 2005 workshop on Digital identity management
Fine-grained role-based delegation in presence of the hybrid role hierarchy

Proceedings of the eleventh ACM symposium on Access control models and technologies
Delegation in the role graph model

Proceedings of the eleventh ACM symposium on Access control models and technologies
A usage-based authorization framework for collaborative computing systems

Proceedings of the eleventh ACM symposium on Access control models and technologies
A framework for role-based group deligation in distributed environments

ACSC '06 Proceedings of the 29th Australasian Computer Science Conference - Volume 48
X-FEDERATE: A Policy Engineering Framework for Federated Access Management

IEEE Transactions on Software Engineering
An authorization framework based on constrained delegation

ISPA'04 Proceedings of the Second international conference on Parallel and Distributed Processing and Applications
Delegation in role-based access control

ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
User-attributed rights in DRM

DRMTICS'05 Proceedings of the First international conference on Digital Rights Management: technologies, Issues, Challenges and Systems

Process modelling, delegation and control in global software development

International Journal of Computer Applications in Technology
Perspectives of delegation in team-based distributed software development over the GENI infrastructure (NIER track)

Proceedings of the 33rd International Conference on Software Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Delegation is a powerful mechanism to provide flexible and dynamic access control decisions. Delegation is particularly useful in federated environments where multiple systems, with their own security autonomy, are connected under one common federation. Although many delegation schemes have been studied, current models do not seriously take into account the issue of delegation commitment of the involved parties. In order to address this issue, this paper introduces a new mechanism to help parties involved in the delegation process to express commitment constraints, perform the commitments and track the committed actions. This mechanism looks at two different aspects: pre-delegation commitment and post-delegation commitment. In pre-delegation commitment, this mechanism enables the involved parties to express the delegation constraints and address those constraints. The post-delegation commitment phase enables those parties to inform the delegator and service providers how the commitments are conducted. This mechanism utilises a modified SAML assertion structure to support the proposed delegation and constraint approach.